(controlled unclassified information) Which of the following is NOT an example of CUI? NARA has the authority and responsibility to manage the CUI Program across the Federal government. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Which of the following is not Controlled Unclassified Information (CUI)? correct. Which of the following demonstrates proper protection of mobile devices? What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. Which of the following may help to prevent spillage? A coworker is observed using a personal electronic device in an area where their use is prohibited. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. What action should you take? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Download the information. Tell us about it through the REPORT button at the bottom of the page. Report the crime to local law enforcement. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? Use personal information to help create strong passwords. Dont allow other access or to piggyback into secure areas. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Classified data: (Scene) Which of the following is true about telework? Correct. Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. Based on the description that follows how many potential insider threat indicators are displayed? What can you do to protect yourself against phishing? Why might "insiders" be able to cause damage to their organizations more easily than others? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. CPCON 3 (Medium: Critical, Essential, and Support Functions) Use the classified network for all work, including unclassified work. If you participate in or condone it at any time. Which of the following information is a security risk when posted publicly on your social networking profile? Correct. What should you do? What should be your response? Which of the following may help to prevent inadvertent spillage? You may use your personal computer as long as it is in a secure area in your home b. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Correct. Malicious code can do the following except? **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? Which of the following is NOT considered sensitive information? Which of the following is a good practice to prevent spillage. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? How can you avoid downloading malicious code? Should you always label your removable media? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Senior government personnel, military or civilian. Which scenario might indicate a reportable insider threat security incident? (Spillage) When is the safest time to post details of your vacation activities on your social networking website? Which of the following is a good practice to avoid email viruses? Any time you participate in or condone misconduct, whether offline or online. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? It does not require markings or distribution controls. What should you do? Which is an untrue statement about unclassified data? To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. What should be your response? (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. When operationally necessary, owned by your organization, and approved by the appropriate authority. The email provides a website and a toll-free number where you can make payment. It is releasable to the public without clearance. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Dofficult life circumstances, such as death of spouse. Your favorite movie. Mark SCI documents appropriately and use an approved SCI fax machine. The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Which of the following is true of downloading apps? You must have permission from your organization. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. We recommend Norton Security or McAfee Total Protection. Which of the following is true about telework? When unclassified data is aggregated, its classification level may rise. *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. you don't need to do anything special to protect this information Of the following, which is NOT a characteristic of a phishing attempt? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Which is NOT a method of protecting classified data? A type of phishing targeted at senior officials. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. You receive an inquiry from a reporter about potentially classified information on the internet. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. Which of these is true of unclassified data? (Spillage) What is required for an individual to access classified data? (Malicious Code) Which of the following is true of Internet hoaxes? Store it in a GSA approved vault or container. Proactively identify potential threats and formulate holistic mitigation responses. By Quizzma Team / Technology. Phishing can be an email with a hyperlink as bait. The CUIProgramisan unprecedented initiative to standardize practices across more than 100 separate departments and agencies, as well asstate, local,tribal and, private sector entities; academia; and industry. Updated 8/5/2020 8:06:16 PM. DoD Unclassified data: Must be cleared before being released to the public May require applci aton i of Controled l Uncasl sed Iifi nformaton i (CU)I access and distribution controls Must be clearly marked as Unclassified or CUI if included in a classified document or classified storage area The answer has been confirmed to be correct. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? It never requires classification markings, is true about unclassified data. Of the following, which is NOT a method to protect sensitive information? Not correct. It never requires classification markings, is true about unclassified data. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. 1 Answer/Comment. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? f. Get an answer. It includes a threat of dire circumstances. Please click here to see any active alerts. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? what should be your response be? Store it in a General Services Administration (GSA)-approved vault or container. Decline to let the person in and redirect her to security. Aggregating it does not affect its sensitivyty level. (Sensitive Information) Which of the following is NOT an example of sensitive information? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Classified information that should be unclassified and is downgraded. Which of the following is a practice that helps to protect you from identity theft? Search for an answer or ask Weegy. The Registry is updated as agencies continue to submit governing authorities that authorize the protection and safeguarding of sensitive information. Rating. Annual DoD Cyber Awareness Challenge Training, DOD Cyber Awareness Challenge 2019: Knowledge, DOD Cyber Awareness Challenge 2019 (DOD-IAA-V, Operations Management: Sustainability and Supply Chain Management, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene. **Identity management What is the best way to protect your Common Access Card (CAC)? Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. Which of the following is true of protecting classified data? What should be done to protect against insider threats? Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? With WEKA users, you can access WEKA sample files. Use only your personal contact information when establishing your account. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? correct. What is a best practice for protecting controlled unclassified information (CUI)? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? Based on the description that follows, how many potential insider threat indicator (s) are displayed? *Spillage Which of the following may help to prevent spillage? 1.1.2 Classified Data. Its classification level may rise when aggregated. laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. When teleworking, you should always use authorized and software. Q&A for work. Do not download it. 8. (Spillage) When classified data is not in use, how can you protect it? not correct Which of the following statements is true? After you have returned home following the vacation. Connect and share knowledge within a single location that is structured and easy to search. Search by Subject Or Level. It is not corporate intellectual property unless created for or included in requirements related to a government contract. Select the information on the data sheet that is personally identifiable information (PII). Hostility or anger toward the United States and its policies. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Share sensitive information only on official, secure websites. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. How are Trojan horses, worms, and malicious scripts spread? Which of the following is not a best practice to preserve the authenticity of your identity? General Services Administration (GSA) approval. **Classified Data What is a good practice to protect classified information? A man you do not know is trying to look at your Government-issued phone and has asked to use it. CPCON 1 (Very High: Critical Functions) Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. Ensure proper labeling by appropriately marking all classified material. Refer the vendor to the appropriate personnel. Which of the following is a security best practice when using social networking sites? How do you think antihistamines might work? Information improperly moved from a higher protection level to a lower protection level. Not correct Which of the following is NOT an appropriate way to protect against inadvertent spillage? (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Proactively identify potential threats and formulate holistic mitigation responses. What should be your response? What is the best choice to describe what has occurred? Which of the following should you do immediately? Be aware of classification markings and all handling caveats. How can you protect your information when using wireless technology? Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. What is a possible indication of a malicious code attack in progress? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. **Social Networking Which of the following is a security best practice when using social networking sites? Confirm the individuals need-to-know and access. However, unclassified data. You know this project is classified. *Spillage What should you do if you suspect spillage has occurred? **Mobile Devices Which of the following helps protect data on your personal mobile devices? Second, unclassified points are regarded as ground seeds if the distances between the points and the detected planes are less than a buffer difference threshold. How can you guard yourself against Identity theft? (Sensitive Information) Which of the following is true about unclassified data? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? *Sensitive Compartmented Information When is it appropriate to have your security badge visible? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. It contains certificates for identification, encryption, and digital signature. Which of the following is NOT a DoD special requirement for tokens? What should you do? Which of the following is a concern when using your Government-issued laptop in public? You are reviewing your employees annual self evaluation. Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. Which of the following is true of Sensitive Compartmented Information (SCI)? ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Which of the following is NOT an example of CUI? Thats the only way we can improve. DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Which of the following best describes wireless technology? Someone calls from an unknown number and says they are from IT and need some information about your computer. (Travel) Which of the following is a concern when using your Government-issued laptop in public? -It never requires classification markings. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? What action is recommended when somebody calls you to inquire about your work environment or specific account information? Others may be able to view your screen. internet-quiz. Position your monitor so that it is not facing others or easily observed by others when in use Correct. cyber-awareness. Contact the IRS using their publicly available, official contact information. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. There is no way to know where the link actually leads. Classified DVD distribution should be controlled just like any other classified media. **Social Networking Which of the following best describes the sources that contribute to your online identity? What amount is due if Alexa pays on or betwee n April 222222 and May 666? Which of the following individuals can access classified data? (social networking) Which of the following is a security best practice when using social networking sites? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? CUI is not classified information. Verify the identity of all individuals.??? Insiders are given a level of trust and have authorized access to Government information systems. When leaving your work area, what is the first thing you should do? Adversaries exploit social networking sites to disseminate fake news Correct. Classification markings and handling caveats. Which of the following is true of Security Classification Guides? New answers. Correct. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? Government-owned PEDs when expressly authorized by your agency. A coworker uses a personal electronic device in a secure area where their use is prohibited. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Since the URL does not start with https, do not provide your credit card information. Is it okay to run it? Correct. **Social Engineering How can you protect yourself from internet hoaxes? Your password and the second commonly includes a text with a code sent to your phone. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? This task is performed with the aim of finding similarities in data points and grouping similar data points together. Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? Use only personal contact information when establishing your personal account. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Which of the following is an example of Protected Health Information (PHI)? The popup asks if you want to run an application. The proper security clearance and indoctrination into the SCI program. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What can be used to track Marias web browsing habits? In which situation below are you permitted to use your PKI token? Which of the following is NOT considered a potential insider threat indicator? What action should you take? Validate friend requests through another source before confirming them. CPCON 4 (Low: All Functions) What function do Insider Threat Programs aim to fulfill? a. What is NOT Personally Identifiable Information (PII)? What is the best response if you find classified government data on the internet? How should you protect a printed classified document when it is not in use? Which of the following is a potential insider threat indicator? Only allow mobile code to run from your organization or your organizations trusted sites. What action should you take? *Insider Threat Which of the following is a potential insider threat indicator? Correct. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. New interest in learning another language? A .gov website belongs to an official government organization in the United States. cyber-awareness. This lets the service person know when the tank is "full." Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? b. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Which is NOT a way to protect removable media? Memory sticks, flash drives, or external hard drives. Research the source of the article to evaluate its credibility and reliability. **Identity Management Which of the following is the nest description of two-factor authentication? New interest in learning another language, Which of the following is a good practice to protect classified information. How should you securely transport company information on a removable media? correct. Since the URL does not start with https, do not provide you credit card information. **Classified Data Which of the following is true of telework? Do not use any personally owned/non-organizational removable media on your organizations systems. Ask for information about the website, including the URL. You many only transmit SCI via certified mail. The website requires a credit card for registration. Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Store it in a shielded sleeve to avoid chip cloning. You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Where. Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Within a secure area, you see an individual you do not know. What should you do? What does Personally Identifiable Information (PII) include? Let us know if this was helpful. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Which of the following is true about telework? For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). Following instructions from verified personnel. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Make note of any identifying information and the website URL and report it to your security office. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? a. putting a child in time-out *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Always check to make sure you are using the correct network for the level of data. A. As part of the survey the caller asks for birth date and address. Look for a digital signature on the email. asked in Internet by voice (265k points) internet. Which of the following attacks target high ranking officials and executives? Historically, each agency developed its own practices for sensitive unclassified information, resulting in a patchwork of systems across the Executive branch, in which similar information might be defined or labeled differently, or where dissimilar information might share a definition and/or label. T/F. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Jozeal. Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. Law Enforcement Sensitive (LES),and others. a. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? -Its classification level may rise when aggregated. As long as the document is cleared for public release, you may share it outside of DoD. Cyber Awareness 2022. Debra ensures not correct A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? **Insider Threat What is an insider threat? The following practices help prevent viruses and the downloading of malicious code except. It is created or received by a healthcare provider, health plan, or employer. Linda encrypts all of the sensitive data on her government-issued mobile devices. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. You can email your employees information to yourself so you can work on it this weekend and go home now. Which Of The Following Is Not A Correct Way To Protect CUI.